Rule Definition
Component-heavy development patterns can lead to development teams not even understanding which components they use in their application or API, much less keeping them up to date.
Remediation
Use the js-cookie library instead of the jQuery cookie plugin (https://github.com/js-cookie/js-cookie)
Violation Code Sample
// set value
$.cookie('name', 'value');
// get value
$.cookie('name'); // => "value"
Fixed Code Sample
// set value
Cookies.set('name', 'value', { domain: 'subdomain.site.com' });
// get value
Cookies.get('name'); // => 'value'
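An added example (not part of the CAST rule or of js-cookie itself): a small scan that flags the `$.cookie` calls shown in the violation sample and names the js-cookie call that replaces each one. The function names and the sample source are constructed for illustration; `$.removeCookie` and `Cookies.remove` are the two libraries' removal calls, which the samples above do not show.

```javascript
// Added example: regex-based scan for jquery.cookie plugin calls.
// It is not an AST parse, so commented-out code can also be reported.
const CALL = /(?:\$|jQuery)\.(cookie|removeCookie)\s*\(/g;

// Count top-level arguments, starting just after the opening "(".
// Returns -1 when the call is not closed in the scanned text.
function countArgs(src, start) {
  let depth = 0, commas = 0, seen = false, quote = null;
  for (let i = start; i < src.length; i++) {
    const ch = src[i];
    if (quote) {                       // inside a string literal
      if (ch === '\\') i++;            // skip the escaped character
      else if (ch === quote) quote = null;
      continue;
    }
    if (ch === ')' && depth === 0) return seen ? commas + 1 : 0;
    if (!/\s/.test(ch)) seen = true;
    if (ch === '"' || ch === "'" || ch === '`') quote = ch;
    else if ('([{'.includes(ch)) depth++;
    else if (')]}'.includes(ch)) depth--;
    else if (ch === ',' && depth === 0) commas++;
  }
  return -1;
}

// Report each plugin call with its line, argument count and js-cookie equivalent.
function findJqueryCookieCalls(source) {
  const findings = [];
  for (const m of source.matchAll(CALL)) {
    const line = source.slice(0, m.index).split('\n').length;
    const argc = countArgs(source, m.index + m[0].length);
    let replacement = 'review manually';          // unterminated call
    if (m[1] === 'removeCookie') replacement = 'Cookies.remove';
    else if (argc === 0 || argc === 1) replacement = 'Cookies.get';
    else if (argc >= 2) replacement = 'Cookies.set';
    findings.push({ line, argc, replacement });
  }
  return findings;
}

// Constructed sample source, not taken from a real application.
const SAMPLE = [
  "// legacy cookie handling",
  "$.cookie('name', 'value');",
  "var v = $.cookie('name');",
  "jQuery.cookie('sid', token, { expires: 7, path: '/' });",
  "$.removeCookie('name');",
  "Cookies.set('name', 'value');",
].join('\n');

console.log(findJqueryCookieCalls(SAMPLE));
```

Run over a source tree, the findings double as an inventory of where the plugin is still in use, which is what the PCI-DSS criterion below asks to be maintained.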
Reference
https://www.owasp.org/index.php/Top_10-2017_A9-Using_Components_with_Known_Vulnerabilities
Technical Criterion
PCI-DSS4-Requirement-6.3.2 - An inventory of bespoke and custom software, and third-party software components incorporated into bespoke and custom software is maintained to facilitate vulnerability and patch management.